Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-09	CVE-2022-38283	SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/video/list. network low complexity jflyfox CWE-89	7.2
2022-09-09	CVE-2022-38284	SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/department/list. network low complexity jflyfox CWE-89	7.2
2022-09-09	CVE-2022-38285	SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/menu/list. network low complexity jflyfox CWE-89	7.2
2022-09-09	CVE-2022-38286	SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list. network low complexity jflyfox CWE-89	7.2
2022-09-08	CVE-2022-38265	SQL Injection vulnerability in Apartment Visitor Management System Project Apartment Visitor Management System 1.0 Apartment Visitor Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /avms/edit-apartment.php. network low complexity apartment-visitor-management-system-project CWE-89	7.2
2022-09-08	CVE-2022-38267	SQL Injection vulnerability in School Activity Updates With SMS Notification Project School Activity Updates With SMS Notification 1.0 School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/user/index.php?view=edit&id=. network low complexity school-activity-updates-with-sms-notification-project CWE-89	7.2
2022-09-08	CVE-2022-38268	SQL Injection vulnerability in School Activity Updates With SMS Notification Project School Activity Updates With SMS Notification 1.0 School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/autonumber/index.php?view=edit&id=. network low complexity school-activity-updates-with-sms-notification-project CWE-89	7.2
2022-09-08	CVE-2022-38269	SQL Injection vulnerability in School Activity Updates With SMS Notification Project School Activity Updates With SMS Notification 1.0 School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/modstudent/index.php?view=edit&id=. network low complexity school-activity-updates-with-sms-notification-project CWE-89	7.2
2022-09-08	CVE-2022-38260	SQL Injection vulnerability in Interview Management System Project Interview Management System 1.0 Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /interview/delete.php?action=questiondelete&id=. network low complexity interview-management-system-project CWE-89	7.2
2022-09-08	CVE-2022-38255	SQL Injection vulnerability in Interview Management System Project Interview Management System 1.0 Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /interview/editQuestion.php. network low complexity interview-management-system-project CWE-89	7.2